﻿<%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
<%@ import Namespace="System.Management"%>
<%@ import Namespace="System.Collections"%>
<title>Exploits Searcher</title>
<%
//Code By zcgonvh,part of GMH'S Fuck Tools
//Blog: z-cg.com
string pairs=@"
KB952004:MS09-012/PR
KB956572:MS09-012/churraskito
KB2393802:MS11-011
KB2592799:MS11-080
KB2621440:MS12-020
KB2160329:MS10-048
KB970483:MS09-020/IIS6 up(could be)
KB2124261:MS10-065/IIS7 up(could be)
KB2271195:MS10-065/IIS7 up(could be)
KB977165:MS10-015
KB2360937:MS10-084
KB2478960:MS11-014
KB2507938:MS11-056
KB2566454:MS11-062
KB2646524:MS12-003
KB2645640:MS12-009
KB2641653:MS12-018
KB944653:MS07-067
KB971657:MS09-041
KB2620712:MS11-097
KB942831:MS08-005
KB2503665:MS11-046
";
Hashtable ht=new Hashtable();
foreach(string pair in pairs.Split(new string[]{"\r\n"},StringSplitOptions.RemoveEmptyEntries))
{
	string[] strs=pair.Split(':');
	try
	{
		ht.Add(strs[0].Trim().ToUpper(),strs[1]);
	}catch{}
}
try
    {
		ManagementObjectCollection moc=GetMOC("Win32_QuickFixEngineering");
		Write("<span style=\"color:red;\">{0}</span> HotFix(s) was installed.<br />",moc.Count);
		string showmode=Request["ShowHotFixs"];
		if(showmode!=null)
		{
			if(showmode.Equals("Excel"))
			{
				Response.Clear();
				Response.AddHeader("Content-Disposition", "attachment;filename=HotFixInfo.csv");
				Response.ContentType = "application/octet-stream";
				Response.ContentEncoding = System.Text.Encoding.GetEncoding(0);
				Write("HotFixID\tType\tInstalledBy\tInstalledOn\tDescription\r\n");
				foreach (ManagementObject o in moc)
				{
					Write("{0}\t{1}\t{2}\t{3}\t{4}\r\n",CheckEmpty(o["HotFixID"]),CheckEmpty(o["FixComments"]),CheckEmpty(o["InstalledBy"]),CheckEmpty(o["InstalledOn"]),CheckEmpty(o["Description"]));
				}
			}
			else
			{
				Write("If you want to get a excel list,please click <a href=\"?ShowHotFixs=Excel\">here</a><br />");
				Write("If you want to search exploits,please click <a href=\"?\">here</a><br />");
				foreach (ManagementObject o in moc)
				{
					Write("HotFix with ID:<span style=\"color:red;\">{0}</span> Installed on <span style=\"color:green;\">{1}</span> by <span style=\"color:red;\">{2}</span>,type is <span style=\"color:green;\">{3}</span>,description is <span style=\"color:red;\">{4}</span><br />",CheckEmpty(o["HotFixID"]),CheckEmpty(o["InstalledOn"]),CheckEmpty(o["InstalledBy"]),CheckEmpty(o["FixComments"]),CheckEmpty(o["Description"]));
				}
			}
		}
		else
		{
			Hashtable htc=ht.Clone() as Hashtable;
			DateTime ldt=DateTime.MinValue;
			foreach (ManagementObject o in moc)
			{
				string s=o["HotFixID"] as string;
				if(!String.IsNullOrEmpty(o["InstalledOn"] as string))
				{
					DateTime instime=DateTime.Parse(String.Concat(o["InstalledOn"] as string," 00:00:00"));
					if(instime>ldt)
					{
						ldt=instime;
					}
				}
				if(s.Equals("File 1")){continue;}
				try
				{
					htc.Add(s,null);
				}
				catch
				{
					ht.Remove(o["HotFixID"].ToString().Trim().ToUpper());
				}
			}
			Write("Last patched time:<span style=\"color:red;\">{0}</span>,Last boot time:<span style=\"color:red;\">{1}</span>,Server time:<span style=\"color:red;\">{2}</span></br>",ldt.ToString("yyyy-MM-dd"),GetLastBootTime(),DateTime.Now.ToString());
			if(ht.Count==0)
			{
				Write("Fuck,all HotFixs was patched.<br />");
			}
			else
			{
				foreach(object o in ht.Keys)
				{
					Write("HotFix with ID:<span style=\"color:red;\">{0}</span> was not patched,exploit name is:<span style=\"color:green;\">{1}</span><br />",o,ht[o]);
				}
				Write("<span style=\"color:red;\">{0}</span> Exploit(s) can be used,good luck.<br />",ht.Count);
			}
			Write("If you want to view all HotFix(s),please click <a href=\"?ShowHotFixs=List\">here</a><br />");
		}
    }
catch{Write("Permission denied");}
%>
<script runat=server>
void Write(string s,params object[] obj)
{
	if(obj!=null)
	{
		Response.Write(String.Format(s,obj));
	}
	else
	{
		Response.Write(s);
	}
}
ManagementObjectCollection GetMOC(string cls)
{
	ManagementObjectSearcher searcher = new ManagementObjectSearcher("root\\CIMV2","SELECT * FROM "+cls); 
	return searcher.Get();
}
string CheckEmpty(object o)
{
	string s=o as string;
	return String.IsNullOrEmpty(s)?"Unknown":s;
}
string GetLastBootTime()
{
	IEnumerator ie=GetMOC("Win32_OperatingSystem").GetEnumerator();
	ie.MoveNext();
	return DateTime.ParseExact((ie.Current as ManagementObject)["LastBootUpTime"].ToString().Split('.')[0],"yyyyMMddhhmmss",null).ToString();
}
</script>
